I'm very excited to bring the EH-Net Community something truly special. This is an entire video course on ethical hacking using Armitage & Metasploit. I think it fits nicely into a niche not currently filled. This is not a replacement for any other large tutorials or full-fledged instructor-led courses. It's right in the middle. It's about 2 hours of instruction from the author of Armitage in easy to follow videos.

So if anyone asks where do I start or how do I break into this field, I think this will become THE place to send them. So spread the word and enjoy.

As always, let us know what you think. Raphael and I will keep an eye on this and make modifications if necessary to this totally free course.

Special thanks to Raphael Mudge. This is his work and he has graciously agreed to have this as an exclusive contribution to EH-Net. His is truly a valued member of the greater security community.

Armitage is a front-end for Metasploit that allows team collaboration and exposes the advanced features of the framework. Raphael Mudge has made a six-part training series on Armitage and Metasploit for the ethicalhacker.net community. These demonstration-heavy lectures introduce the penetration testing process and walk you through each step. You'll learn how to break into hosts, carry out post-exploitation activities, develop more access from your initial foothold, and you'll do this in a team environment.

These lectures were initially created for the Austin, TX ISSA and OWASP half-day Metasploit training event in June. Elated after several tex-mex meals, Raphael recorded these lectures for us. If you're new to penetration testing and want to understand Metasploit and Armitage, these lectures are for you. Also, be sure to read Hacking Linux with Armitage from February 2011. Enjoy the training!

Amazing, I just had a look at article, I believe it will be good for someone who needs an understanding & break into the field as Don pointed out.

Cant wait till weekend , I will check the first two videos tonite & i think might need to set up Metasploit in my lab.....By the way Metasploit Framework is available for only Win/Linux/Unix environment, is it not possible for MAC or can it be installed in BT5 Virtual lab & use it from there?

vp75 wrote:y the way Metasploit Framework is available for only Win/Linux/Unix environment, is it not possible for MAC or can it be installed in BT5 Virtual lab & use it from there?

It's possible to run Metasploit on MacOS X but it's a lot of manual steps to get the dependencies in place. Further, it's even more work to get Armitage going beyond that. The Windows and Linux installers "just work". BackTrack 5 is fantastic. Everything is set up there for you. I recommend going that route.

Yeah I went through these videos last night with my BT5 VM at home and with minimal changes was able to duplicate pretty much everything done in the video only having to pause to reconfigure or start up additional VMs a few times. Great videos and an awesome application. I'm a Metasploit Pro customer and I'd love to see some of the Armitage functionality included in MSP. It's truly amazing how easy it is. Great stuff. Thanks!

Good thing is BT5 has got Metaspolit & Armitage with it, so didnt had much trouble except to get latest MSF framework.

I did tried to run on my De-ICE-1.100, its interesting as most of the things it is building up after each process (like after nmap scan, it build attack options etc...). Its good to for a person like me to understand & parallely build knowledge on commandline (rather fully depending on tool). I like this very much...

@Vp I'm a big fan of the DeICE VMs. They force folks to use the puzzle solving skills necessary for hacking. I love using tools like Armitage and Metasploit, but at the same time, they only take me so far. Sometimes you just have to look at what's there and figure it out using your knowledge of the system. DeICE is fantastic for that.

Thank you don for bringing these videos to everyone's attention and to Raphael for his time and expertise. I'll set some time aside later this week to digest them then play around with the concepts discussed.

@Ignatius - They're good, from what little time I've had to go through them, so far. I think Ralph did a great job. Looking forward, ultimately, to finding some time (maybe next couple of weeks, while I actually get a vacation from work ) to watch the 6th one, about the Armitage team capability...

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

A few people have asked me which drawing program I use on MacOS X to build network maps. I alluded to this program in the access lecture, but didn't mention it by name--my bad. The program is OmniGraffle and it's available at: http://www.omnigroup.com/products/omnigraffle/

Most of my diagrams are made using OmniGraffle. It's commercial, but well worth the money. I downloaded a few stencils to make it easier to create network maps using it. Stencils are available at: http://graffletopia.com/

My penetration testing maps are probably ghetto by the standards of http://www.ratemynetworkdiagram.com/index2.php but they serve as a great tool to organize my thoughts, map open services/software versions, capture what network security devices I believe exist, and to note possible findings.

This is excellent training and helped me tremendously. I'm studying for the CEH and trying to learn not just the foundation of hacking, but application as well.

I was really stuck on what I can do after reconnaissance and footprinting. After learning nmap, hping etc, I wasn't sure how to start gaining access to machines. Metasploit is excellent and so is Armitage!

Thank you!

Last edited by HaoleHero on Sun Sep 11, 2011 9:23 pm, edited 1 time in total.

thanks a lot about these tutorials :)i have a problem please answer me.i could get a shell on a mikrotik in our lan network by armitage.but i get this command in shell : $and i need to be a root access.how do i can?i tried "mountall-CVE-2010-2961.py" file and i uploaded it to mikrotik of victim but i couldn't get a root access. ??? ???i want to get user and password this mikrotik.please help me

Last edited by cygol on Wed Nov 07, 2012 9:00 am, edited 1 time in total.